No easy way to stop BREACH from plucking secrets from HTTPS pages, feds say

Less than 24 hours after researchers disclosed a new attack that can pluck secrets from webpages protected by the widely used HTTPS encryption scheme, the US Department of Homeland Security is advising website operators to investigate whether they're susceptible.

As Ars reported Thursday, an exploit dubbed BREACH—short for Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext—can decode e-mail addresses, certain types of security tokens, and other secrets from encrypted webpages, often in as little as 30 seconds. The attack builds on a previously developed technique known as CRIME, which manipulated data compression to glean clues about the plain-text contents of encrypted payloads. CRIME vulnerabilities were mitigated by disabling TLS compression and modifying the way the Google-developed compression known as SPDY worked. But as both CERT and the developers of BREACH have said, the new attack is much harder to protect against.

"We are currently unaware of a practical solution to this problem," the CERT advisory stated. "However, the reporters offer several tactics for mitigating this vulnerability. Some of these mitigations may protect entire applications, while others may only protect individual webpages."

The tactics, suggested by researchers Angelo Prado, Yoel Gluck, and Neal Harris, include the following:

Disable HTTP compression

Separate the secrets from the user input

Randomize the secrets in each client request

Mask secrets (effectively randomizing by XORing with a random secret per request)

Protect webpages from CSRF attacks

Obfuscate the length of Web responses by adding random amounts of arbitrary bytes